Jack Dorsey, the co-founder and chief executive of Twitter had his own account taken over by hackers, reports reveal.
A gang of cyber-criminals calling themselves the Chuckling Squad say they were responsible for the hack which led to Dorsey’s breached account sending out a storm of abusive and racist comments for around 15 minutes to the account’s 4m followers.
According to Twitter only Dorsey’s account was compromised; Twitter itself was not at fault, officials of the company say, rather an unnamed mobile operator was at fault for the intrusion.
In a statement, the social media platform said:
“We’re aware that @jack was compromised and investigating what happened.”
“The account is now secure, and there is no indication that Twitter’s systems have been compromised. The phone number associated with the account was compromised due to a security oversight by the mobile provider,” @TwitterComms said in a series of tweets.
“This allowed an unauthorised person to compose and send tweets via text message from the phone number. That issue is now resolved,” @TwitterComms continued.
Speaking to the BBC, a source at Twitter said that hackers had used an infiltration method known as “simjacking” to gain control over Mr Dorsey’s profile. The technique involves transferring the target account’s associated phone number to a new sim card under the control of the cyber-criminals.
Once they had secured the phone number, the hackers were able to post their own tweets through Mr Dorsey’s profile through a text message directed to the compromised account.
Most users depend on mobile apps to tweet these days, but texting was previously the main method used and it’s an option that still exists.
The messages sent out over Twitter were transmitted both from Mr Dorsey’s account, @Jack, and through retweets from other accounts, using the n-word and making anti-Semitic comments. A further tweet said that Twitter’s HQ was undergoing a bomb threat.
The hackers responsible are thought to be behind a number of high-profile attacks on Twitter, including one against vlogger, James Charles and the account of YouTube personality, Desmond Amofah.
Article originally published on PrivSec:Report
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.